
Arbitrary file access vulnerability in Kodi 15

NOTE: This is for educational purposes only.

Good evening friends. Today we will look at an arbitrary file access vulnerability in Kodi 15. For those who have no idea what Kodi is, it is “an award-winning free and open source cross-platform software media player and entertainment hub for HTPCs. Kodi can be used to play almost all popular audio and video formats around.” We will exploit a local file read (commonly labelled LFI) in its web interface: a crafted request makes the web server return files from the host's filesystem that it was never meant to serve.

Before we start, let me make clear that credit for finding this vulnerability goes to “MICHAEL PRONK”, whose advisory is on exploit-db. I am just showing how to use that exploit. The exploit is shown below.

Ok, now let's see it in real time. Open Shodan (you will need an account there) and search for “title:kodi os:linux” as shown below. This returns Linux hosts whose HTTP response carries a Kodi page title, that is, machines with the Kodi web interface exposed to the internet. The results will look like the screenshot below.

Now open any one of the interfaces. It should look like the screenshot below. Kodi's web interface listens on port 8080 by default.

Now we will try to read the passwd file on that Linux machine. Immediately after the port number in the URL, append this query


as shown below. You should get the contents of the passwd file back in the browser, as shown below. Reading passwd is only the proof of concept; the same request form reads any file the Kodi process is allowed to open. If you run Kodi yourself and your own instance answers this request, the web interface is reachable and unpatched: update it and stop exposing port 8080 to the internet.

Here’s another example.
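The following checker is an added example and is not code from the original post, from exploit-db or from the Kodi project. It sends a GET request to a Kodi web interface and decides whether the response body is the contents of a passwd file rather than the normal HTML interface. The exact request path from the advisory is not reproduced on this page, so the path is an input supplied by the caller; the host, port and sample responses below are assumptions, and the sample bodies are constructed for offline testing, not captured from a real host.

```python
"""Check whether a Kodi web interface returns a passwd file for a given request path.

Added example: not from the original post, exploit-db or Kodi.
The request path that triggers the file read is passed in by the caller.
"""
import re
import sys
import urllib.error
import urllib.request

# A passwd entry has exactly seven colon-separated fields:
# name:password:uid:gid:gecos:home:shell
PASSWD_LINE = re.compile(r"^[^:\s]+:[^:]*:\d+:\d+:[^:]*:[^:]*:[^:\n]*$")


def passwd_entries(body):
    """Return (name, uid, shell) for every line of `body` that parses as a passwd entry."""
    entries = []
    for line in body.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        if PASSWD_LINE.match(line):
            fields = line.split(":")
            entries.append((fields[0], int(fields[2]), fields[6]))
    return entries


def looks_like_passwd(body, min_entries=3):
    """True if the body contains a root entry with uid 0 and at least `min_entries` valid lines.

    Requiring several well-formed lines plus root avoids matching an HTML page
    that happens to contain one colon-separated string.
    """
    entries = passwd_entries(body)
    has_root = any(name == "root" and uid == 0 for name, uid, _ in entries)
    return has_root and len(entries) >= min_entries


def check_file_read(host, path, port=8080, timeout=5.0):
    """GET http://host:port/<path> and report whether the body looks like a passwd file.

    `path` is the request path from the advisory; this function makes no
    assumption about what it is. Network and HTTP errors are reported, not raised.
    """
    url = "http://%s:%d/%s" % (host, port, path.lstrip("/"))
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            status = resp.status
            body = resp.read(65536).decode("utf-8", errors="replace")
    except urllib.error.HTTPError as exc:
        return {"url": url, "status": exc.code, "vulnerable": False, "entries": [], "error": None}
    except (urllib.error.URLError, OSError) as exc:
        return {"url": url, "status": None, "vulnerable": False, "entries": [], "error": str(exc)}
    entries = passwd_entries(body)
    return {"url": url, "status": status, "vulnerable": looks_like_passwd(body),
            "entries": entries, "error": None}


# Constructed sample responses for offline testing (assumed, not captured from a real host).
SAMPLE_PASSWD = (
    "root:x:0:0:root:/root:/bin/bash\n"
    "daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\n"
    "bin:x:2:2:bin:/bin:/usr/sbin/nologin\n"
    "kodi:x:1000:1000:Kodi Media Center,,,:/home/kodi:/bin/bash\n"
)
SAMPLE_HTML = "<html><head><title>Kodi</title></head><body>Remote control</body></html>\n"


if __name__ == "__main__":
    if len(sys.argv) < 3:
        print("usage: kodi_check.py <host> <request-path> [port]")
        sys.exit(2)
    target_port = int(sys.argv[3]) if len(sys.argv) > 3 else 8080
    result = check_file_read(sys.argv[1], sys.argv[2], port=target_port)
    print(result["url"], "->", "VULNERABLE" if result["vulnerable"] else "not vulnerable",
          result["error"] or "")
    for name, uid, shell in result["entries"]:
        print("  %-10s uid=%-5d shell=%s" % (name, uid, shell))
```

Run it as `python kodi_check.py <host> <request-path>` against a host you are authorised to test; the path argument is the query this post appends after the port number. The detector deliberately demands a uid 0 root entry and several well-formed lines, so a normal Kodi HTML page is never reported as a hit.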

1 thought on “Arbitrary file access vulnerability in Kodi 15”

  1. Very interesting, good job, and thanks for sharing such a good blog. Your article is so convincing that I cannot stop myself from saying something about it. You're doing a great job. Keep it up.
